How to send encrypted mail in Gmail

If you haven’t done this before and you want to get up and running with sending secure email, I’ve put together a small guide for you here. This is based on what I have done, and there are numerous other ways and software to do this.

Note: I’m assuming you are using Gmail in the browser for this method.

If you are using Chrome or Firefox, you can use a browser extension to handle the encrypting and decrypting for you, as well as managing your keys.

The one I’m using, and pretty happy with so far, is CryptUp (open source). You can read more about it and get the Chrome or Firefox extension at their website https://cryptup.org.

Once it is installed, you will see this website. Just do what it says and click on the little green button in the top right corner that says “up” in it.

You will then be sent to the configuration page of the extension, and prompted to click on “Continue with Gmail.” Do that and allow the extension some access to your mail. It should be safe since it doesn’t leave your browser.

Once that is done, you’ll be able to generate your key pair if you don’t have any from before.

Press the “New Encryption Key” button as the pointer shows in the picture below. You will then get a public and a private key for encryption and decryption. It will take some time loading after you press it.

After that is done, you’ll be prompted to write a pass phrase for your key. A good way to do it is to take, e.g., a sentence you know well but no one else does, and write it like so: “ThisSentenceIsWithoutSpaces”

You will be asked to repeat it after you set it. This is the password that protects your key, so it is pretty important.

After this is done, you are ready to start sending encrypted mail with Gmail. You’ll get one option to compose a secure message, or go to settings. Go to settings and press the “Additional setting” button in the lower right corner; there you can get your public key by pressing the button called “Public Key”.

Copy the text, starting from and including:

-----BEGIN PGP PUBLIC KEY BLOCK-----

plus everything in between, up to and including:

-----END PGP PUBLIC KEY BLOCK-----

This is the key other people must use to encrypt text and email that they’ll send to you, so this block is the key you give to others for writing secure mail to you. Likewise, you must have their public key to write secure mail to them.

Just to be clear: you must never give away or share your private key! That should be a secret only you have, even if it can’t be used without the corresponding pass phrase. That’s also why a strong pass phrase is important.
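The following Python check is an added example, not part of CryptUp or of the original guide: it verifies that a copied block is complete (BEGIN and END lines, CRC-24 checksum) and really is a public key rather than a private one before you give it to anyone. The function names are my own, and the sample blocks are constructed from dummy bytes, not usable keys.

```python
import base64

PUBLIC_KEY_TAG = 6  # OpenPGP packet tag for a public key (5 is a secret key), RFC 4880

def crc24(data: bytes) -> int:
    """CRC-24 checksum carried on the last line of ASCII armor (RFC 4880, 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def inspect_armor(text: str) -> dict:
    """Check that a pasted block is complete, undamaged and a public key."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    head = lines[0] if lines else ""
    if not (head.startswith("-----BEGIN PGP ") and head.endswith("-----")):
        raise ValueError("missing BEGIN line")
    label = head[len("-----BEGIN PGP "):-5]
    if len(lines) < 2 or lines[-1] != f"-----END PGP {label}-----":
        raise ValueError("missing or mismatched END line (truncated copy?)")
    body = lines[1:-1]
    if "" in body:  # armor headers (e.g. Version:) end at the first blank line
        body = body[body.index("") + 1:]
    body = [ln for ln in body if ln]
    crc_line = body.pop() if body and body[-1].startswith("=") and len(body[-1]) == 5 else None
    raw = base64.b64decode("".join(body), validate=True)
    if crc_line and crc24(raw) != int.from_bytes(base64.b64decode(crc_line[1:]), "big"):
        raise ValueError("CRC-24 mismatch (text was altered or cut)")
    if not raw or not raw[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    # New-format headers keep the tag in bits 0-5, old-format ones in bits 2-5.
    tag = raw[0] & 0x3F if raw[0] & 0x40 else (raw[0] >> 2) & 0x0F
    return {"label": label, "tag": tag,
            "safe_to_share": label == "PUBLIC KEY BLOCK" and tag == PUBLIC_KEY_TAG}

def make_armor(label: str, packet: bytes) -> str:
    """Build a CONSTRUCTED sample block (dummy bytes, not a usable key)."""
    b64 = base64.b64encode(packet).decode()
    crc = base64.b64encode(crc24(packet).to_bytes(3, "big")).decode()
    return f"-----BEGIN PGP {label}-----\n\n{b64}\n={crc}\n-----END PGP {label}-----\n"

SAMPLE_PUBLIC = make_armor("PUBLIC KEY BLOCK", bytes([0xC6, 4]) + b"demo")
SAMPLE_PRIVATE = make_armor("PRIVATE KEY BLOCK", bytes([0xC5, 4]) + b"demo")

if __name__ == "__main__":
    for sample in (SAMPLE_PUBLIC, SAMPLE_PRIVATE): print(inspect_armor(sample))
```

Paste your own copied block into `inspect_armor()`; only a result with `safe_to_share` set to `True` should go to a contact or a key server.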

Usually these public keys are sent to and stored on key servers, as well as in the extension you just installed. This is because it should be simple for others to search for and find your public key to send you encrypted and secure mail.

If you now reload your Gmail tab, or open a Gmail tab if it isn’t open, you’ll see that you have a “secure compose” button for writing encrypted mail. If you click it and type an email address in the recipient field, you’ll see that it searches for a public key on the key servers.

If it can’t find any public key on the server, you’ll get an option to add the public key to the contact manually so you can send your encrypted message to them. That public key will be remembered for that contact address in the extension for the next time you send them an encrypted message.

If you also take a look in the “compose secure mail” window, you have a button called “PK” there. That button includes your public key in the mail you send to your contact so they have all they need to send you an encrypted and secure reply back.

That should be about it to start using encryption in an easy way with Gmail.

I hope this has been helpful for you.